dependabot-gradle 0.160.0 → 0.162.1
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b1e4733a81cd4c3296c2724abbe0c7ac80916bf3f5332c3ebea5688e6f668d8a
|
|
4
|
+
data.tar.gz: 3a6598cdfff7f67ee92cc72479f6562710d0b7bd374bf326e2b0412796bbb288
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e614dc00a5f665e25dd85a1e142e7ebf74a58d10060f4c217cfff594d8de1da0dbeb509f7f8fda49fe4fdc5ad9b87a27cad23a91001db311811fe58bdc4d9f00
|
|
7
|
+
data.tar.gz: d5b093c459100bd09966334121b92deb1f84fbc482b92836009f17aecff3ae7d9a653357fb1d558a2d5f95c7ab8d0a577c18eaa64b682a0d12ee1caf45cdc9c0
|
|
@@ -64,8 +64,7 @@ module Dependabot
|
|
|
64
64
|
return [] unless buildfile
|
|
65
65
|
|
|
66
66
|
dependency_plugin_paths =
|
|
67
|
-
buildfile.
|
|
68
|
-
scan(/apply from:\s+['"]([^'"]+)['"]/).flatten.
|
|
67
|
+
FileParser.find_include_names(buildfile).
|
|
69
68
|
reject { |path| path.include?("://") }.
|
|
70
69
|
reject { |path| !path.include?("/") && path.split(".").count > 2 }.
|
|
71
70
|
select { |filename| filename.include?("dependencies") }.
|
|
@@ -96,11 +96,15 @@ module Dependabot
|
|
|
96
96
|
|
|
97
97
|
# Look for a property in the callsite buildfile. If that fails, look
|
|
98
98
|
# for the property in the top-level buildfile
|
|
99
|
-
|
|
100
|
-
|
|
99
|
+
all_files = [callsite_buildfile, top_level_buildfile].concat(
|
|
100
|
+
FileParser.find_includes(callsite_buildfile, dependency_files),
|
|
101
|
+
FileParser.find_includes(top_level_buildfile, dependency_files)
|
|
102
|
+
)
|
|
103
|
+
all_files.each do |file|
|
|
104
|
+
details = properties(file).fetch(property_name, nil)
|
|
105
|
+
return details if details
|
|
101
106
|
end
|
|
102
|
-
|
|
103
|
-
properties(top_level_buildfile).fetch(property_name, nil)
|
|
107
|
+
nil
|
|
104
108
|
end
|
|
105
109
|
|
|
106
110
|
def property_value(property_name:, callsite_buildfile:)
|
|
@@ -32,7 +32,10 @@ module Dependabot
|
|
|
32
32
|
|
|
33
33
|
def repository_urls
|
|
34
34
|
repository_urls = []
|
|
35
|
-
repository_urls += inherited_repository_urls
|
|
35
|
+
repository_urls += inherited_repository_urls(top_level_buildfile)
|
|
36
|
+
FileParser.find_includes(top_level_buildfile, dependency_files).each do |dependency_file|
|
|
37
|
+
repository_urls += inherited_repository_urls(dependency_file)
|
|
38
|
+
end
|
|
36
39
|
repository_urls += own_buildfile_repository_urls
|
|
37
40
|
repository_urls = repository_urls.uniq
|
|
38
41
|
|
|
@@ -45,10 +48,10 @@ module Dependabot
|
|
|
45
48
|
|
|
46
49
|
attr_reader :dependency_files, :target_dependency_file
|
|
47
50
|
|
|
48
|
-
def inherited_repository_urls
|
|
49
|
-
return [] unless
|
|
51
|
+
def inherited_repository_urls(dependency_file)
|
|
52
|
+
return [] unless dependency_file
|
|
50
53
|
|
|
51
|
-
buildfile_content = comment_free_content(
|
|
54
|
+
buildfile_content = comment_free_content(dependency_file)
|
|
52
55
|
subproject_blocks = []
|
|
53
56
|
|
|
54
57
|
buildfile_content.scan(/(?:^|\s)allprojects\s*\{/) do
|
|
@@ -49,6 +49,20 @@ module Dependabot
|
|
|
49
49
|
dependency_set.dependencies
|
|
50
50
|
end
|
|
51
51
|
|
|
52
|
+
def self.find_include_names(buildfile)
|
|
53
|
+
return [] unless buildfile
|
|
54
|
+
|
|
55
|
+
buildfile.content.
|
|
56
|
+
scan(/apply(\(| )\s*from(\s+=|:)\s+['"]([^'"]+)['"]/).
|
|
57
|
+
map { |match| match[2] }
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def self.find_includes(buildfile, dependency_files)
|
|
61
|
+
FileParser.find_include_names(buildfile).
|
|
62
|
+
map { |f| dependency_files.find { |bf| bf.name == f } }.
|
|
63
|
+
compact
|
|
64
|
+
end
|
|
65
|
+
|
|
52
66
|
private
|
|
53
67
|
|
|
54
68
|
def map_value_regex(key)
|
|
@@ -301,10 +315,7 @@ module Dependabot
|
|
|
301
315
|
def script_plugin_files
|
|
302
316
|
@script_plugin_files ||=
|
|
303
317
|
buildfiles.flat_map do |buildfile|
|
|
304
|
-
buildfile
|
|
305
|
-
scan(/apply from(\s+=|:)\s+['"]([^'"]+)['"]/).flatten.
|
|
306
|
-
map { |f| dependency_files.find { |bf| bf.name == f } }.
|
|
307
|
-
compact
|
|
318
|
+
FileParser.find_includes(buildfile, dependency_files)
|
|
308
319
|
end.
|
|
309
320
|
uniq
|
|
310
321
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-gradle
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.162.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-09-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,28 +16,28 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.162.1
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.162.1
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: dependabot-maven
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
31
|
- - '='
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.
|
|
33
|
+
version: 0.162.1
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - '='
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.
|
|
40
|
+
version: 0.162.1
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: byebug
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|